package com.my.framework.config;

import com.my.framework.shiro.CaptchaFormAuthenticationFilter;
import com.my.framework.shiro.ShiroDbRealm;
import com.my.framework.shiro.SystemFilter;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.AnonymousFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;

import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

	@Bean
	public FilterRegistrationBean filterRegistrationBean() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
		filterRegistration.setEnabled(true);
		filterRegistration.addUrlPatterns("/*");
		filterRegistration.setDispatcherTypes(DispatcherType.REQUEST);
		return filterRegistration;
	}


	@Bean
	public DefaultWebSecurityManager securityManager() {
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		securityManager.setRealm(shiroDbRealm());
		securityManager.setCacheManager(shiroEhcacheManager());
		return securityManager;
	}
	@Bean
	public ShiroDbRealm shiroDbRealm() {
		ShiroDbRealm shiroDbRealm = new ShiroDbRealm();
		shiroDbRealm.setActiveRoot(true);
		//密码加密规则
		HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
		hashedCredentialsMatcher.setHashIterations(1024);
		hashedCredentialsMatcher.setHashAlgorithmName("SHA-1");
		shiroDbRealm.setCredentialsMatcher(hashedCredentialsMatcher);
		return shiroDbRealm;
	}

	@Bean
	public EhCacheManager shiroEhcacheManager() {
		EhCacheManager ehCacheManager = new EhCacheManager();
		ehCacheManager.setCacheManagerConfigFile("classpath:ehcache/ehcache-shiro.xml");
		return ehCacheManager;
	}

	@Bean(name = "shiroFilter")
	public ShiroFilterFactoryBean shirFilter() {
		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		// 必须设置 SecurityManager
		shiroFilterFactoryBean.setSecurityManager(securityManager());
		// 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
		shiroFilterFactoryBean.setLoginUrl("/management/login");
		// 登录成功后要跳转的链接
		shiroFilterFactoryBean.setSuccessUrl("/management/index/index");
		// 未授权界面;
		Map<String, Filter> filters = new LinkedHashMap<String, Filter>();
		filters.put("authc",new CaptchaFormAuthenticationFilter());
		filters.put("anon",new AnonymousFilter());
		shiroFilterFactoryBean.setFilters(filters);
		// 拦截器.
		Map<String, String> filterChainDefinitions = new LinkedHashMap<String, String>();
		// 配置拦截的规则 顺序判断
		filterChainDefinitions.put("/css/**", "anon");
		filterChainDefinitions.put("/images/**", "anon");
		filterChainDefinitions.put("/js/**", "anon");
		filterChainDefinitions.put("/lib/**", "anon");
		filterChainDefinitions.put("/druid/**","anon");
		filterChainDefinitions.put("/management/login", "authc");
		filterChainDefinitions.put("/**", "authc");
		shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitions);
		return shiroFilterFactoryBean;
	}
}